General

  • Target

    c5d86e61764613234eaa1b89a072cbf49c567e4cc81e0a400526386aeaa82ba6

  • Size

    348KB

  • Sample

    241223-ddzwwsvnal

  • MD5

    cfe37d94b619b82303018cdcf2568d42

  • SHA1

    7cb5917f0bae5492d442140e769b832ad7c3030b

  • SHA256

    c5d86e61764613234eaa1b89a072cbf49c567e4cc81e0a400526386aeaa82ba6

  • SHA512

    c066c3290c16a1d0ba43bf53a88b834a40a97bed7d7f8c4b5574af798699e4e294a31760fdfe96692f80517232b84df88c9d47d110f4df05d23c7331a9e52e59

  • SSDEEP

    6144:Xcm7ImGddXgYW5fNZWB5hFfci3Add4kGYAa0:l7TcbWXZshJX2VGdb

Malware Config

Targets

    • Target

      c5d86e61764613234eaa1b89a072cbf49c567e4cc81e0a400526386aeaa82ba6

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks